laptop and a wrench

漏洞

When using Web AppBuilder for ArcGIS Developers edition 1.2 with Portal for ArcGIS and ArcGIS for Server 10.3.1, both secured with integrated windows authentication (IWA) on separate machines and are not federated, a query from the query widget with a response number of features over a certain size will fail returning the error “401 unauthorized” as it switches the GET request to a POST request and it is passed through the proxy. The failure is due to the fact that this request is passed through a proxy that is unable to authenticate against the ArcGIS Server secured at the web-tier with IWA.

上次发布: June 17, 2016 ArcGIS Web AppBuilder developer edition
漏洞 ID 编号 BUG-000090121
已提交August 20, 2015
上次修改时间June 5, 2024
适用范围ArcGIS Web AppBuilder developer edition
找到的版本1.1
修正版本Dev 1.3
状态Fixed

解决办法

1) Pass username, password, and domain in the proxy.config of a Microsoft .Net proxy to allow authentication for users to avoid the error “401 unauthorized”. 2) Modify proxy.ashx to automatically pull and pass windows authentication. 3) Modify ‘/jimu.js/main.js’ of the application code to add the prefix of the requesting ArcGIS for Server REST URL to Cross Origin Resource Sharing (CORS) enabled servers so that the request is never sent in the first place: // path for service from web-tier (IWA/PKI/LDAP) arcgis server // supt05320.esri.com is the associated window.esri.config.defaults.io.corsEnabledServers.push({ host: "supt05320.esri.com", withCredentials: true });

重现步骤

漏洞 ID: BUG-000090121

软件:

  • ArcGIS Web AppBuilder developer edition

当漏洞状态发生变化时获得通知

下载 Esri 支持应用程序

发现关于本主题的更多内容

获取来自 ArcGIS 专家的帮助

联系技术支持部门

下载 Esri 支持应用程序

转至下载选项